The General Data Protection Regulation (GDPR) is the new EU regulation regarding the protection of individuals’ personal data.


As of 25/5/2018, compliance with the GDPR is mandatory for all public and private entities and companies.


For all companies, regardless of legal form (sole proprietorships, companies), which process personal data and are established within the EU (or are established outside the EU but process personal data of people residing in it).


By personal data we mean any information concerning an identified or identifiable natural person.

Examples of general personal data: name and surname, home address, email address, age, marital status, VAT number, ID number.

Examples of personal data of special categories: racial origin, religious beliefs, membership in a trade union, health data, political views, biometrics, sex / sexual orientation data.

The Accountability Principle is a key innovation of the GDPR and requires controllers to be consistently compliant with the GDPR and to be able to demonstrate it at the same time. The evidence is given in print or digitally..


Compliance is the process of approaching and adapting personal data processing according to the rules and spirit imposed by the GDPR. This process is ongoing.


Personal data processing can change either in terms of its content (eg adding new categories of data) or in terms of the legal framework governing it. At the same time, technological progress requires the updating of technical measures that support or ensure data processing.


Controllers risk on a case-by-case basis, to a bigger or smaller extent, from sources of risk such as: co-workers (unsuccessful collaboration, frequent staff turnover, data management errors), dissatisfied customers, competitors, malicious third parties, security incidents.


Risks to organizations may include: unlawful disclosure of data, unlawful processing (risk of life / health / personality for subjects), imposition of high administrative fines, claims for compensation from subjects, damage to corporate reputation, complications in corporate partnerships, difficulties in acquisition and merger procedures.


Depending on the type of breach, non-compliance with the Regulation could result in administrative fines – penalties of up to € 20 million • or, in the case of businesses, up to 4% of the total annual worldwide turnover in the preceding financial year.


  • The GDPR Toolkits are Compliance Systems, not just printouts
  • They cover the activities of the companies – They respond proportionally to the requirements of the GDPR
  • They have no restrictions (number of employees, jobs, activities, etc)
  • They do not require you to be an Expert – They include clear instructions to simplify their use
  • They include self-monitoring tools to help you evaluate data processing decisions more confidently
  • They have a cost escalation without discounts on coverage
  • They are constantly updated (at least on an annual basis) and incorporate changes in legislation and best practices in data protection

The online questionnaire designed by TrustPl @ n is an assessment of the readiness, completeness and compliance with the GDPR for the company.

It is based on an algorithm that incorporates Artificial Intelligence – AI techniques, which evaluates the answers given and automatically makes the relevant evaluation.

The evaluation is displayed immediately upon submission of the responses. The following is the proposal of the best solution from the available ones, choosing between GDPRToolkits and / or Bundles that correspond more to the needs of the company (according to the answers given).